[Twisted-Python] Newbie: using cred strcred.AuthOptionMixin
exarkun at twistedmatrix.com
exarkun at twistedmatrix.com
Tue Jul 6 06:29:17 MDT 2010
On 11:31 am, f.schneider at de-bleek.demon.nl wrote:
>Hi,
>
>I need a perspective broker with authentification and followed the
>Twisted
>documentation on
>http://twistedmatrix.com/documents/current/core/howto/tap.html#auto4 to
>get
>the twistd plugin to work. Now I want to make it work with the
>/etc/shadow,
>but don't know how to get it to work.
The /etc/shadow cred plugin supports checking IUsernamePassword
credentials. PBServerFactory creates protocol instances that only know
how to check IUsernameHashedPassword, IUsernameMD5Password, and
IAnonymous credentials, though. So no clients will be able to
authenticate with this configuration.
You can add support for new credentials types to your PB server by
creating the PBServerFactory with an IPBRoot provider that returns a
root object (typically a Referenceable instance) with a "remote_login"
method - or any other method that you make your PBClientFactory's login
method call with credentials information.
The most straightforward thing to implement would be simple
username/password authentication where the client sends both pieces of
information to the server and the server verifies them. This would only
be secure if used over a secure transport such as SSL, of course.
It might also help to look at how authentication is implemented now, in
twisted/spread/pb.py, in the _PortalRoot, _PortalWrapper, and
_PortalAuthChallenger.
Jean-Paul
More information about the Twisted-Python
mailing list